ssh密钥登陆设置
密钥登陆设置
生成公私钥
ssh-keygen命令
[root@loalhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:p5WiXI3+A6p+p4k2NK33f0wTPvbKorA5tXZh8xvKPMo root@loalhost
The key's randomart image is:
+---[RSA 3072]----+
| |
| |
| |
| o .. |
| . S =. . |
| o..+o=+ * |
| . o+oo+ B.+ |
| +.=*++=o+.. |
| o+==*E=*=+o |
+----[SHA256]-----+
公钥的分发
ssh-copy-id命令
[root@YX-node01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@YX-node03
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Authorized users only. All activities may be monitored and reported.
root@yx-node03's password:
[root@YX-node01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@YX-node03
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Authorized users only. All activities may be monitored and reported.
root@yx-node03's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@YX-node03'"
and check to make sure that only the key(s) you wanted were added.
密钥的登陆
ssh命令
[root@YX-node01 ~]# ssh root@YX-node02
Authorized users only. All activities may be monitored and reported.
Authorized users only. All activities may be monitored and reported.
Last login: Mon Sep 5 11:13:05 2022 from 192.168.153.176
Welcome to 5.10.0-5.10.0.24.oe1.x86_64
System information as of time: Mon Sep 5 11:26:44 AM CST 2022
System load: 0.00
Processes: 243
Memory used: 2.7%
Swap used: 0.0%
Usage On: 52%
IP address: 192.168.153.174
IP address: 192.168.153.175
Users online: 3
密钥文件存储
本机公钥文件
/root/.ssh/id_rsa_.pub
[root@YX-node01 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQWlsPTR7eapXsicu8mLKyslFMfxMuptdCQo/12h0cyDzFJRQCw5c6Rv5hwb/gFMB+Wc9vfcy22Iq3N6szimS5T4lO05xLC8fU88ZA4iLliscErG7KJU/63nZlpTyCKieJ8uvVe4dibBvIzIJKL39b68dkRYvKmhujeVoLlBl3eQbvy2cBJvjsFn3RFwl/Tq9IF1pt4k0tUY9AFQPecFqN8u/QjKLqfTombf8WHdLzBphjiiCz45yXwPw9+7a+88rC9PN0mNRcC6nK0j5RlVzCgNUlRR+pkN/K62cP3OoNLsa1WEgjzlS5FgEuflHSIUUGM8N4+NxMkA9zG/Md4IXSObuBAHAKDR1N0cvOR5gtkMoLWIeTj+9ZdD295Wr4lqjhLKL6t3Wjz2BSFrZFeKNPwOXPoq3L5aGHW5iwZ7rFbXaSi6NQHVy3zR6N4ebfhzx54DHJ/mBs7NLO+fO2i59oA07tGV8smd5Ce/RQwklZOLX9VS2/m5hOTxAwKFyiA6c= root@YX-node01
本机私钥文件
/root/.ssh/id_rsa
[root@YX-node01 .ssh]# cat id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA0FpbD00e3mqV7InLvJiysrJRTH8TLqbXQkKP9dodHMg8xSUUAsOX
Okb+YcG/4BTAflnPb33MttiKtzerM4pkuU+JTtOcSwvH1PPGQOIi5YrHBKxuyiVP+t52Za
U8gionifLr1XuHYmwbyMyCSi9/W+vHZEWLypobo3laC5QZd3kG78tnASb47BZ90RcJf06v
SBdabeJNLVGPQBUD3nBajfLv0Iyi6n06Jm3/Fh3S8waYY4ogs+Ocl8D8Pfu2vvPKwvTzdJ
jUXAupytI+UZVcwoDVJUUfqZDfyutnD9zqDS7GtVhII85UuRYBLn5R0iFFBjPDePjcTJAP
cxvzHeCF0jm7gQBwCg0dTdHLzkeYLZDKC1iHk4/vWXQ9veVq+Jao4Syi+rd1o89gUha2RX
ijT8Dlz6Kty+Whh1uYsGe6xW12koujUB1ct80ejeHm34c8eeAxyf5gbOzSzvnztoufaANO
7RlfLJneQnv0UMJJWTi1/VUtv5uYTk8QMChcogOnAAAFiHlf7WZ5X+1mAAAAB3NzaC1yc2
EAAAGBANBaWw9NHt5qleyJy7yYsrKyUUx/Ey6m10JCj/XaHRzIPMUlFALDlzpG/mHBv+AU
wH5Zz299zLbYirc3qzOKZLlPiU7TnEsLx9TzxkDiIuWKxwSsbsolT/redmWlPIIqJ4ny69
V7h2JsG8jMgkovf1vrx2RFi8qaG6N5WguUGXd5Bu/LZwEm+OwWfdEXCX9Or0gXWm3iTS1R
j0AVA95wWo3y79CMoup9OiZt/xYd0vMGmGOKILPjnJfA/D37tr7zysL083SY1FwLqcrSPl
GVXMKA1SVFH6mQ38rrZw/c6g0uxrVYSCPOVLkWAS5+UdIhRQYzw3j43EyQD3Mb8x3ghdI5
u4EAcAoNHU3Ry85HmC2QygtYh5OP71l0Pb3laviWqOEsovq3daPPYFIWtkV4o0/A5c+irc
vloYdbmLBnusVtdpKLo1AdXLfNHo3h5t+HPHngMcn+YGzs0s7587aLn2gDTu0ZXyyZ3kJ7
9FDCSVk4tf1VLb+bmE5PEDAoXKIDpwAAAAMBAAEAAAGBAL1ryCmrFYtkH5WC2WVG9f+cOm
lvhkL9j+o/lZ4QhDMsoIMjaIPyykRDUvYRLZ5Nf4vfnsVf+4OobsSPqegbw+LtuomdvRRF
S5IBZpaKgOtrNfC7y6WgMoyDP+S9SruUE4pI/buCqN0EKGZv92v2rrUlMIuq5qJ1ZPdEVm
b8aALEV1ge9jCH+/q3n/8+EHZbVOQXxzDrcvrmkXPTJ0dNoiY3XWue0GabHwjdK/Ixfx1P
O7ATXhPttOoKm8jGVahY/rLekBHKvkr9TNTaCYFFPnlNI1hWntIpfuAvcknDxBlZ4l6+Om
QenL7kF4SisecdXKTXS2SruTMX9ehUrBwSEiUzB+RE168HcFVQylZWp0TeR0NRRBKPl05G
tgXlmsSQIAYd1+GrwVCMmHWnGzzRYP7a+HvsHOWUSFoEFamd69XpnPM/heDfZzZYmpS2lz
4ovhN5Wxb4VhFji+XVADB50V1c4YpZ6sVOrdQRRb1eGJUpjz2JIQgSPuElGZH7hItFkQAA
AMEArn08rznx4LosdfFQaCIbMtNCBEbaUXhlXMJ/osb7Se4b1wviXGujbvpSxisdttjjd1
4G45sB+pMgp3XC+0C+bcBQdxfXvpygFpAodnXTGvmiG4M4jcO5PvfdGhv0I9jsJN/iFb3x
VEyCEXnBB+cM0JS+/xH0HFgBx9r4RXT2QR5r5lZ1vKznqA35zytGBzMTDSVR/1oEBHgNEp
93zHY11FayhjaQNgr89JK5BcS0MiR/8VmZ79az1KQqDbwS3/DCAAAAwQD6Vdo1vQXtjhGG
7K3eIHp6dvXQ+G08QclCnHxOylt41uhJGp7guXesfxgj5ssDFobJSpYnrtyAIm43emLMEa
81ARKucyIjYNAuDxhqT0l9+YNK39+qnDMGh5j1zvLu+XlhPVmD7e3R56MgDRPjjhy4t+mG
LIuzIeLcL8HlZHYfUAC7OMKrg9Hel0ug+1neOA5Dj4TaVBFinbldhKNVwQV58KaEiv57xT
MfT4DY8pBg+nLvugBMa/o2fzL1bwXx7XMAAADBANURTon+esT1BhpT5AxyWZquV+t/QR9O
npk6FcZvNZv5XK4UUrFRwExoV44tu8CVMG6dOrS1I8iKBHdIWOYZm1mYrNjbMXmuQTGGxf
SfpPjmxYDWHj9mr/wSpm3KwoxoQewqqErEDWz6fmDLi2v54fF6ifNa46SHJ4nsGsrTVDzX
mAnQuon9XoRp0UCt4y7e2WV37UWmusHYHMev6TF1xRjdr3vidRO/2dRi7slIxD0S+euZ7d
i1jAzHRJVwDbYD/QAAAA5yb290QFlYLW5vZGUwMQECAw==
-----END OPENSSH PRIVATE KEY-----
其他机器公钥
/root/.ssh/authorized_keys
[root@YX-node01 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDOVfkJvjXRJNOqNuXIl8Q0CMF/PHE0aRhnEFPGrSeV4B5e384Bx6HyrzQoh/XW2/WUBpnD/tJHqQzWf2azBCu5TqdWRrEEPDNg9D9fvmikcDC/1qc0U7XyYzXlcYI0c1Ttgy869OEwYNkRQKUpLggQSHnRhtiR9V6D5QlEeqw9F0qtz5NHlnPMHVKMW9HMyBsiLvnD3AMCTKnseXbwQcnnWNjEJzswt9l3gcu5+NUS1TzrwO6AB9NhyuJ1PeomrKvH/XQtwPGK9qLFKb0TKW9vZVyUZg8xSz5rmu9amawmKrb6HsrpJ1bZmTFcG8oPzNYi0issM2FChEJh82HcPzh0woKMM01SHm5IaaBof6fxOeqSdMXHGEBvYuXMvWndM7Hs9rGqut/5UazkvYrv7+vhBYI3elRyvsN27goulGiNcjanHmWZIKwpZgICG7jmeLnE5DGqVgJ+QdtoHgmfhn5K8iWCJUlRZQBydMz1q8zyrG9bIH6Ko4pdDiWYVYFGi0U= root@YX-node02
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDeRmiE6LgCG9YUiwSzLWd6EuNPUg7fjrJDWpwR0zU2yg8HzysIRD816OkRpDRaNbJrSxaNjuVJfTeYxS2Jc3AAMhMSKcj6gCVKc9stfxSGu+XIRQuxzp1KYjCmPiWz9NGmqrhImTuluMlB6eJD170rZ9RpcYwO8DFER7M+glpkGPjXXOm0gv7VEMumbyXMp37rfvixzLKJO6rA5aJemisR00El6F+MH7UDQi4FHutrKVlE7ADJCj99b5IQ+rAyBq2CJCvHPw1oluYLMpSqVimd82GiL+Vbf2h8ye91YICET20ay24zBBFAKY9UAuebcfOyeYIu5pAC8VFtwahUl9ZBQt6W/qaZfTTywOTfwS3QTWJ021k4ecE8mp8sJtfHggUoVfzBoni5xA5oHh/WUFjQS0V717LiR+0HPpLUIa4ymheKEFDxeL4f4RzEkSYCbaUyGKeSooFvr7tpqtBUPVdG6IMygqI74jhzP2SSUm+t0WVGr5T752ywXgflpkr+5T0= root@YX-node03
曾经连接机器
/root/.ssh/know_hosts
[root@YX-node01 .ssh]# cat known_hosts
192.168.148.69 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKjhKh5VLh45eHmIVxZUPhwCvgahcbyG3bD9np25ZBHv648mZR/sVsn8ntMN+FzCymAnHtSi5yFt2TdSY5qfuuo=
192.168.115.153 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAQcexJefgvBB6P/tntJjmKTFR0qv4x8LJP2fKyIlefunNuInYolChq537qIoBmEDfc8ClxKzu9RdaIA/2I8YtI=
192.168.153.174 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP4/nvqMynW8FNQVjCX80XtwVkZ/uYtl9Y3Iz8w7hN8hsh0XRomV3clEMF0IKMJZlUeYqi5k7PIgWNW93cMVkf8=
yx-node02 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP4/nvqMynW8FNQVjCX80XtwVkZ/uYtl9Y3Iz8w7hN8hsh0XRomV3clEMF0IKMJZlUeYqi5k7PIgWNW93cMVkf8=
yx-node03,192.168.153.172 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPz5vKCZBAVEAOUvt/5CkUWsf3cDfwY/7mG34t1uP+IC5R1skmI7/cy4LMlTRg693YI7w1EXeQps3nP7oyT+B8g=
yx-node01,192.168.153.176 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDXWy2x3tLAOYYBu/h2JOTyLS9uNlVW7NJz68yYaifGZP6FQMMwDhbizdrFfQM4xv/OqVVd5f2G2P9jMle2Qpr8=
批量密钥脚本
ssh.sh
#!/bin/bash
#生成公私钥
ssh-keygen -f /root/.ssh/id_rsa -N ""
#将公钥下发给业务机器
sshpass -pDameng@8888 ssh-copy-id -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa.pub root@192.168.153.176
浙公网安备 33010602011771号